Angular 4 Token Based Authentication

Token-based authentication has become widespread over the last few years, driven by RESTful Web APIs, single-page applications (SPAs) and so on. Token-based authentication is stateless.

Stateless – every transaction is performed as if it were being done for the very first time, and no previously stored information is used for the current transaction.

Token-Based Authentication Steps

The user enters their login credentials and the server verifies them. If the credentials are correct, the server returns a signed token. This token is stored in local storage on the client side. It can also be stored in session storage or a cookie.

Example:

private _setSession(authResult, profile) {
    // Save session data and update login status subject
    localStorage.setItem('access_token', authResult.accessToken);
    localStorage.setItem('id_token', authResult.idToken);
    localStorage.setItem('userProfile', JSON.stringify(profile));
    this.setLoggedIn(true);
}
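The server side of the steps above, as an added example that is not part of the original post: a Node.js example that issues an HS256-signed token after login and verifies it on later requests using only the key and the token, with no stored session. The names `issueToken`, `verifyToken`, `readPayloadWithoutKey` and the secret value are assumptions made for illustration.

```javascript
// Added example: stateless HS256 token issue/verify using Node's built-in crypto.
const { createHmac, timingSafeEqual } = require("crypto");

const SECRET = "constructed-demo-secret"; // assumption: real keys come from a secret store

const b64url = (value) => Buffer.from(value).toString("base64url");
const sign = (data) => createHmac("sha256", SECRET).update(data).digest("base64url");

// Called only after the server has verified the login credentials.
function issueToken(subject, ttlSeconds, now = Math.floor(Date.now() / 1000)) {
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = b64url(JSON.stringify({ sub: subject, iat: now, exp: now + ttlSeconds }));
  return `${header}.${payload}.${sign(`${header}.${payload}`)}`;
}

// Every later request: no session lookup, only the key and the token itself.
function verifyToken(token, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return { ok: false, reason: "malformed" };
  const [header, payload, signature] = parts;

  // Compare signatures in constant time before trusting any field of the token.
  const expected = Buffer.from(sign(`${header}.${payload}`));
  const received = Buffer.from(signature);
  if (expected.length !== received.length || !timingSafeEqual(expected, received)) {
    return { ok: false, reason: "bad signature" };
  }
  // Pin the algorithm: the token must not choose how it is verified.
  const { alg } = JSON.parse(Buffer.from(header, "base64url").toString());
  if (alg !== "HS256") return { ok: false, reason: "unexpected alg" };

  const claims = JSON.parse(Buffer.from(payload, "base64url").toString());
  if (typeof claims.exp !== "number" || claims.exp <= now) {
    return { ok: false, reason: "expired" };
  }
  return { ok: true, claims };
}

// The payload is only encoded, not encrypted: no key is needed to read it.
function readPayloadWithoutKey(token) {
  return JSON.parse(Buffer.from(token.split(".")[1], "base64url").toString());
}
```

Data stored in the token is readable by anyone who holds it, so it should not contain secrets.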

Advantages of Token-Based Authentication

1. Stateless
2. Scalable
3. Decoupled
4. JWT is placed in the browser's local storage
5. Cross-domain and CORS support
6. Store data in the JWT
7. XSS and XSRF protection

Where To Store Tokens?

Where you store the JWT is up to you. The JWT is placed in your browser's local storage.